Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Video Publisher
v1.0.0 supports one-click batch uploading of videos to Douyin, Kuaishou, WeChat Channels, Bilibili, YouTube and TikTok, with credential management and automatic retry on failure.
by Justin Liu (@zhenstaff)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The SKILL.md and README clearly describe a Node.js package that requires platform API credentials (Douyin, Kuaishou, WeChat Channels, Bilibili, YouTube, TikTok) and Node.js runtime. However, the registry metadata lists no required env vars, no primary credential, and 'required binaries' as none. That is inconsistent: a video-publisher tool legitimately needs API credentials and Node.js. The absence of those requirements in the registry is unexplained and suspicious.
Instruction Scope
The instructions ask the agent to read local videos (videos/), config/platforms.json, and a .env file and then upload video files to third-party platform APIs, behavior consistent with the stated purpose. They also include examples that run publish.sh and install from npm/GitHub. This is within scope for a publisher, but the README contains claims like 'does not collect user data' and 'does not connect to third-party servers (except the configured platform APIs)' which should be interpreted strictly: the skill will transmit user video files and credentials to external platform APIs, so those transmissions must be reviewed and verified by the user.
Install Mechanism
The skill is instruction-only in the registry (no install spec), but SKILL.md and README instruct installing from npm (openclaw-video-publisher) or cloning a GitHub repo (github.com/ZhenRobotics/openclaw-video-publisher). The registry lists the source as unknown and homepage as none; the mismatch between the claimed upstream (GitHub/npm) and the registry metadata is a red flag. Installing packages from npm or running an arbitrary publish.sh from a cloned repo can execute arbitrary code; verify the upstream source and review package contents before installing.
Credentials
Although the registry declares no required environment variables or primary credential, the documentation and examples expect a .env and config/platforms.json containing multiple sensitive credentials (client keys/secrets, access tokens, refresh tokens) for several unrelated platforms. Requesting many platform credentials is reasonable for a cross-poster, but the registry should declare these explicitly. The mismatch increases the risk of accidental credential exposure (e.g., if an agent is allowed to read environment or config files without explicit consent).
Persistence & Privilege
The skill does not request always:true and is user-invocable; it does not claim to modify other skills or agent system settings. Autonomous invocation is allowed (default) but not combined with other high-risk indicators here. No evidence the skill requires persistent elevated privileges.
Scan Findings in Context
[no_scan_findings] expected: The package contains no code files in the registry bundle — the skill is instruction-only (SKILL.md and README). The static regex scanner found nothing to analyze; this is expected for an instruction-only skill but means there is no executable code in the bundle to inspect.
What to consider before installing
Do not install or run code blindly. Before using this skill:
1) Verify the upstream repository and npm package (the README references github.com/ZhenRobotics/openclaw-video-publisher and an npm package, but the registry lists source unknown): check repository ownership, recent commits, and package publisher.
2) Inspect the package contents (or cloned repo) locally before running npm install -g or publish.sh; review scripts that run on install and any shell entrypoints.
3) Only supply minimal, scoped credentials (use platform apps/tokens with limited scopes) and avoid pasting full credentials into chat with an agent.
4) Confirm which env/config files will be read by the agent and ensure .env and config files are not inadvertently uploaded to external services.
5) If you need to allow the agent to run publishing actions, grant access incrementally (test with a single platform and non-production tokens).
Additional information that would reduce risk: a verifiable source URL in the registry metadata, an explicit list of required env vars in the registry, and a published npm package with matching maintainer identity and package signature.
latest: vk970ffwf0mfz13tmcynjr7cy7x82nsm1
